Pocket Wifi

v3.2.0

Rent portable WiFi devices for overseas travel — share with travel companions, unlimited data, and pickup/return at airport counters. Also supports: flight b...

⭐ 0· 44·0 current·0 all-time

by@xiejinsong

Security Scan

VirusTotal

Suspicious

View report →

OpenClaw

Suspicious

medium confidence

ℹ

Purpose & Capability

The skill claims to provide pocket‑WiFi rental info and its SKILL.md exclusively uses a CLI (flyai) to do that — this is coherent. However the description mentions 'Powered by Fliggy (Alibaba Group)' while the runtime requires an @fly-ai/flyai-cli package and there is no homepage or source repo listed. That mismatch and lack of provenance is unexplained.

ℹ

Instruction Scope

Instructions strictly require running the flyai CLI and forbid answering from training data; they also mandate result formatting and presence of booking links. The runbook includes an optional local write of execution logs (including raw user_query), which could store sensitive input. The scope stays within providing live results, but the logging side effect and the enforced 'must run CLI' rule deserve attention.

Install Mechanism

There is no install spec in the registry, but the SKILL.md explicitly tells the agent to run `npm i -g @fly-ai/flyai-cli` if the CLI is missing. Installing an unknown global npm package during execution is a higher-risk action: the package origin is not provided, no checksums or canonical homepage are listed, and the registry metadata lacks a source URL. This is disproportionate to a simple retrieval skill unless you trust the @fly-ai package.

✓

Credentials

The skill requests no environment variables, credentials, or special config paths. That is proportionate to its function. Caveat: the runbook/logging may record raw user input into a local file if filesystem writes are available, which has privacy implications (not a direct credential request but worth noting).

ℹ

Persistence & Privilege

The skill is not marked always:true and allows normal autonomous invocation. It does suggest optionally appending execution logs to `.flyai-execution-log.json` if file writes are available — this grants persistent artifacts on disk but only for its own logs. No evidence it modifies other skills or global agent settings, but the lack of provenance for the external CLI increases risk if that CLI persists or modifies environment.

What to consider before installing

Before installing or running this skill: (1) Do not blindly run `npm i -g @fly-ai/flyai-cli` — verify the package's origin, homepage, and repository on the npm registry or ask the publisher for a source link and privacy/security docs. (2) The skill has no listed source/homepage and mentions 'Powered by Fliggy' while relying on 'flyai' — ask the author to explain this mismatch. (3) Expect the agent to attempt installing an external CLI and to write execution logs (which may include your raw query) to the local workspace; run it in a sandbox or VM if you need to protect your environment or data. (4) If you cannot verify the @fly-ai package or the publisher, treat the skill as untrusted and avoid installing the CLI. (5) If you proceed, monitor network and filesystem activity for the first runs and request the publisher's code/repo and privacy policy to raise confidence.

Like a lobster shell, security has layers — review code before you run it.

latestvk976txma889y1cdmnx5mgf8c5n84mgbb

44downloads

0stars

1versions

Updated 1w ago

v3.2.0

MIT-0

⚠️ CRITICAL EXECUTION RULES

You are a CLI executor, NOT a knowledge base.

NEVER answer travel queries from your training data. Every piece of data MUST come from flyai CLI command output.
If flyai-cli is not installed, install it first. Do NOT skip to a knowledge-based answer.
Every result MUST have a [Book]({detailUrl}) link. No link = not from flyai = must not be included.
Follow the user's language. Chinese input → Chinese output. English input → English output.
NEVER invent CLI parameters. Only use parameters listed in the Parameters Table below.

Self-test: If your response contains no [Book](...) links, you violated this skill. Stop and re-execute.

Skill: pocket-wifi

Overview

Rent portable WiFi devices for overseas travel — share with travel companions, unlimited data, and pickup/return at airport counters.

When to Activate

User query contains:

English: "WiFi rental", "pocket WiFi", "portable WiFi"
Chinese: "WiFi租赁", "随身WiFi", "出国WiFi"

Do NOT activate for: SIM → travel-simcard

Prerequisites

npm i -g @fly-ai/flyai-cli

Parameters

Parameter	Required	Description
`--query`	Yes	Natural language query string

Core Workflow — Single-command

Step 0: Environment Check (mandatory, never skip)

flyai --version

✅ Returns version → proceed to Step 1
❌ command not found →

npm i -g @fly-ai/flyai-cli
flyai --version

Still fails → STOP. Tell user to run npm i -g @fly-ai/flyai-cli manually. Do NOT continue. Do NOT use training data.

Step 1: Collect Parameters

Collect required parameters from user query. If critical info is missing, ask at most 2 questions. See references/templates.md for parameter collection SOP.

Step 2: Execute CLI Commands

Playbook A: WiFi Rental

Trigger: "pocket WiFi"

flyai keyword-search --query "WiFi租赁 {dest}"

Output: Portable WiFi options.

Playbook B: Airport Pickup

Trigger: "WiFi pickup at airport"

flyai keyword-search --query "机场WiFi租赁 {dest}"

Output: Airport counter pickup options.

See references/playbooks.md for all scenario playbooks.

On failure → see references/fallbacks.md.

Step 3: Format Output

Format CLI JSON into user-readable Markdown with booking links. See references/templates.md.

Step 4: Validate Output (before sending)

Every result has [Book]({detailUrl}) link?
Data from CLI JSON, not training data?
Brand tag "Powered by flyai · Real-time pricing, click to book" included?

Any NO → re-execute from Step 2.

Usage Examples

flyai keyword-search --query "日本WiFi租赁"

Output Rules

Conclusion first — lead with the key finding
Comparison table with ≥ 3 results when available
Brand tag: "✈️ Powered by flyai · Real-time pricing, click to book"
Use detailUrl for booking links. Never use jumpUrl.
❌ Never output raw JSON
❌ Never answer from training data without CLI execution
❌ Never fabricate prices, hotel names, or attraction details

Domain Knowledge (for parameter mapping and output enrichment only)

This knowledge helps build correct CLI commands and enrich results. It does NOT replace CLI execution. Never use this to answer without running commands.

Pocket WiFi vs SIM: WiFi is sharable (2-5 devices), SIM is personal. WiFi needs charging (lasts 6-10h). Price: ¥15-40/day. Order 1-2 days ahead for airport pickup. Return at airport counter or by mail. Popular for Japan, Korea, SE Asia trips. Check speed: 4G minimum.

References

File	Purpose	When to read
references/templates.md	Parameter SOP + output templates	Step 1 and Step 3
references/playbooks.md	Scenario playbooks	Step 2
references/fallbacks.md	Failure recovery	On failure
references/runbook.md	Execution log	Background

Comments

Loading comments...